Brian Downs
40a46e1412
add ability to specify etcd snapshot list output format ( #5132 )
2022-02-25 14:00:00 -07:00
Derek Nola
142eed1a9f
Create encryption hash file if it doesn't exist ( #5140 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-02-25 08:43:03 -08:00
Hussein Galal
43b1cb4820
Update to V1.23.4 k3s1 ( #5135 )
...
* Update to v1.23.4
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Upgrade treafik to 2.6.1
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Upgrade treafik to 2.6.1
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Upgrade treafik image in image-list
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Update kubernetes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2022-02-22 18:57:22 +02:00
Manuel Buil
062fe63dd1
Fix annoying netpol log
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-02-10 20:01:27 +01:00
Derek Nola
e28be2912c
Migrate Ginkgo testing framework to V2, consolidate integration tests ( #5097 )
...
* Upgrade and convert ginkgo from v1 to v2
* Move all integration tests into integration folder
* Update TESTING.md
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-02-09 08:22:53 -08:00
Hussein Galal
13728058a4
Add k3s etcd restoration integration test ( #5014 )
...
* Add k3s etcd restoration test
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fix tests and rebase
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Reorganizing the tests
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fixing comments
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fix etcd restore
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* dont check for errors when restoring
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* use eventually to test for restoration
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix tests
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix golint
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2022-02-08 21:24:34 +02:00
Manuel Buil
773c2a4184
Merge pull request #5079 from manuelbuil/michalsPR
...
netpol: Use kube-router as a library
2022-02-07 19:18:15 +01:00
Michal Rostecki
4fed9f4052
netpol: Use kube-router as a library
...
Before this change, we were copying a part of kube-router code to
pkg/agent/netpol directory with modifications, from which the biggest
one was consumption of k3s node config instead of kube-router config.
However, that approach made it hard to follow new upstream versions.
It's possible to use kube-router as a library, so it seems like a better
way to do that.
Instead of modifying kube-router network policy controller to comsume
k3s configuration, this change just converts k3s node config into
kube-router config. All the functionality of kube-router except netpol
is still disabled.
Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-02-07 10:54:08 +01:00
Derek Nola
4f36c82ff7
Check for --kubeconfig
flag with embedded kubectl
( #5064 )
...
* Check for kubeconfig flag
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-02-03 09:00:24 -08:00
Ankur Gupta
df4147cd57
Update legacy-unknown-cert and legacy-unknown-key ( #5057 )
...
Signed-off-by: Ankur Gupta <ankur.gupta130887@gmail.com>
2022-02-02 09:15:41 -08:00
Derek Nola
d583a99f62
Add server flag to access nonlocal/nondefault k3s server ( #5016 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-01-27 10:53:38 -08:00
Brad Davidson
bc7635f01f
Move containerd wait into exported function
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-25 13:09:30 -08:00
Roberto Bonafiglia
bb856c67dc
Merge pull request #4952 from rbrtbnfgl/ipv6-nat
...
Add IPv6 NAT
2022-01-19 08:44:57 +01:00
Brad Davidson
a094dee7dd
Update packaged components
...
Update images and manifests/charts for coredns, local-path-provisioner, traefik, and pause
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-18 16:40:00 -08:00
Brad Davidson
27fe2c3c1b
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-18 11:01:49 -08:00
Roberto Bonafiglia
8eded2749a
Added debug log for IPv6 Masquerading rule
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@gmail.com>
2022-01-17 10:20:12 +01:00
Brad Davidson
b1e0f4c8fc
Skip CGroup v2 evac when agent is disabled
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-14 13:24:44 -08:00
Roberto Bonafiglia
111c1669fc
Added flannel-ipv6-masq flag to enable IPv6 nat
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@gmail.com>
2022-01-14 18:35:37 +01:00
Roberto Bonafiglia
2253f64b2a
Added iptables masquerade rules for ipv6 on flannel
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@gmail.com>
2022-01-14 18:35:37 +01:00
Brian Downs
effcb15adb
Adds the ability to compress etcd snapshots ( #4866 )
2022-01-14 10:31:22 -07:00
Derek Nola
48ffed3852
Enable logging on all subcommands ( #4921 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-01-12 14:00:40 -08:00
Brad Davidson
a0cadcd343
Move ClusterResetRestore handling ControlConfig setup
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-12 10:46:10 -08:00
Brad Davidson
5ca206ad3b
Fix handling of agent-token fallback to token
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-07 09:56:37 -08:00
Brad Davidson
e7464a17f7
Fix use of agent creds for secrets-encrypt and config validate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-06 12:55:18 -08:00
Lordran
31f1a00b6f
Fix a typo: advertise-up -> advertise-ip ( #4827 )
...
Signed-off-by: 胥朝阳 <xuzhaoyang@91cyt.com>
2022-01-06 08:52:07 -08:00
Derek Nola
2ac8df3602
Integration tests utilities improvements ( #4832 )
...
* Remove sudo commands from integration tests
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Added cleanup fucntion
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Implement better int cleanup
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Rename test utils
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Enable K3sCmd to be a single string
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Removed parsePod function
Signed-off-by: Derek Nola <derek.nola@suse.com>
* codespell
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Revert startup timeout
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Reorder sonobuoy tests, drop concurrent tests to 3
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Disable etcd
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Skip parallel testing for etcd
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-01-06 08:05:56 -08:00
Luther Monson
66eeabbdfc
linter doesn't actually run on windows, found these while getting it running on a windows machine
...
Signed-off-by: Luther Monson <luther.monson@gmail.com>
2021-12-28 20:44:21 -07:00
Derek Nola
ff49dcf71e
Export default parser
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
(cherry picked from commit 9cc930e4a3
)
2021-12-22 16:06:55 -08:00
Brad Davidson
87395e32d6
Update modules for Kubernetes v1.23
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-12-22 10:47:38 -08:00
Manuel Buil
30c701f5de
Merge pull request #4796 from manuelbuil/flannel-logrus
...
Move flannel logs to logrus
2021-12-22 10:33:43 +01:00
Brad Davidson
a5c6e6a68a
Fix panic checking name of uninitialized etcd member
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-12-21 23:38:20 -08:00
Luther Monson
02f862da5f
Merge pull request #4791 from luthermonson/vendor-rm
...
[master] Remove the Vendor Directory
2021-12-21 15:07:55 -07:00
Brian Downs
3ae550ae51
Update bootstrap logic to output all changed files on disk ( #4800 )
2021-12-21 14:28:32 -07:00
Luther Monson
e6cf8f5982
code changes to drop the vendor dir
...
Signed-off-by: Luther Monson <luther.monson@gmail.com>
2021-12-21 14:23:38 -07:00
Manuel Buil
4eb282edac
Move flannel logs to logrus
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-12-21 14:34:51 +01:00
Hussein Galal
2e91913f54
Close agentReady channel only in k3s ( #4792 )
...
* Close agentReady channel only in k3s
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* codespell check
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-12-21 00:22:49 +02:00
Brad Davidson
8ad7d141e8
Close etcd clients to avoid leaking GRPC connections
...
If you don't explicitly close the etcd client when you're done with it,
the GRPC connection hangs around in the background. Normally this is
harmelss, but in the case of the temporary etcd we start up on 2399 to
reconcile bootstrap data, the client will start logging errors
afterwards when the server goes away.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-12-17 23:55:17 -08:00
Manuel Buil
588d15db8f
Remove Disables, Skips and DisableKubeProxy from the comparing configs
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-12-17 19:04:38 +01:00
Brad Davidson
6f4217a340
Build standalone containerd
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-12-16 12:00:15 -08:00
Derek Nola
17eebe0563
Fix cold boot and reconcilation on secondary servers ( #4747 )
...
* Enable reconcilation on secondary servers
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Remove unused code
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Attempt to reconcile with datastore first
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Added warning on failure
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Update warning
Signed-off-by: Derek Nola <derek.nola@suse.com>
* golangci-lint fix
Signed-off-by: Derek Nola <derek.nola@suse.com>
2021-12-15 15:38:50 -08:00
Hussein Galal
d71b335871
Fix snapshot restoration on fresh nodes ( #4737 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-12-14 02:04:39 +02:00
Brian Downs
bf4e037fcf
Resolve Bootstrap Migration Edge Case ( #4730 )
2021-12-13 13:02:30 -07:00
Brian Downs
a6fe2c0bc5
Resolve restore bootstrap ( #4704 )
2021-12-09 14:54:27 -07:00
Brad Davidson
a70487d5ae
Update wharfie usage in windows code path
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-12-09 13:16:22 -08:00
Hussein Galal
3985fd0e26
[master] Add validation to certificate rotation ( #4692 )
...
* Add validation to certificate rotation
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Add validation to certificate rotation
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-12-09 18:57:13 +02:00
Manuel Buil
1e0696628e
Merge pull request #4581 from manuelbuil/checking-HA-parameters
...
Verify new control plane nodes joining the cluster share the same config as cluster members
2021-12-08 10:49:28 +01:00
Alexey Medvedchikov
8f389ab030
Include node-external-ip in serving-kubelet.crt SANs ( #4620 )
...
* Include node-external-ip in serving-kubelet.crt SANs
Signed-off-by: Alexey Medvedchikov <alexeymedvedchikov@improbable.io>
2021-12-07 15:42:40 -08:00
Derek Nola
bcb662926d
Secrets-encryption rotation ( #4372 )
...
* Regular CLI framework for encrypt commands
* New secrets-encryption feature
* New integration test
* fixes for flaky integration test CI
* Fix to bootstrap on restart of existing nodes
* Consolidate event recorder
Signed-off-by: Derek Nola <derek.nola@suse.com>
2021-12-07 14:31:32 -08:00
Manuel Buil
1b3187ea07
Check HA network parameters
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-12-07 23:09:05 +01:00
Brad Davidson
7d3447ceff
Bump wharfie to v0.5.1 and use shared decompression code
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-12-07 12:50:57 -08:00